From 2948e574a8b77fe18f95db46fec2086b3725522f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 10 Dec 2024 21:29:16 +0000
Subject: [PATCH] fix: Dockerfile_dev_fips to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-3314651
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-3314651
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-6148880
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-6148880
- https://snyk.io/vuln/SNYK-ALPINE317-OPENSSL-3368755
---
 Dockerfile_dev_fips | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/Dockerfile_dev_fips b/Dockerfile_dev_fips
index 1ecbd981ce..21e0467fa0 100644
--- a/Dockerfile_dev_fips
+++ b/Dockerfile_dev_fips
@@ -1,13 +1,13 @@
-FROM alpine:3.17.1 as otelcol
+FROM alpine:3.21.0 as otelcol
 COPY otelcol-sumo /
 # This shouldn't be necessary but sometimes we end up with execution bit not set.
 # ref: https://github.com/open-telemetry/opentelemetry-collector/issues/1317
 RUN chmod 755 /otelcol-sumo
 
-FROM alpine:3.17.1 as certs
+FROM alpine:3.21.0 as certs
 RUN apk --update add ca-certificates
 
-FROM alpine:3.17.1 as directories
+FROM alpine:3.21.0 as directories
 RUN mkdir /etc/otel/
 
 FROM debian:11.6 as systemd
@@ -16,7 +16,7 @@ RUN apt update && apt install -y systemd
 # h stands for dereference of symbolic links
 RUN tar czhf journalctl.tar.gz /bin/journalctl $(ldd /bin/journalctl | grep -oP "\/.*? ")
 
-FROM alpine:3.17.1
+FROM alpine:3.21.0
 RUN apk update && apk add curl tar
 RUN curl -LJ "https://go-boringcrypto.storage.googleapis.com/go1.18.7b7.linux-amd64.tar.gz" -o go.linux-amd64.tar.gz \
     && tar -C /usr/local -xzf go.linux-amd64.tar.gz \